Hi David!
The following patchset contains fixes for your net tree, they are:
* Remove extra quote from connlimit configuration in Kconfig, from
Randy Dunlap.
* Fix missing mss option in syn packets sent to the backend in our
new synproxy target, from Martin Topholm.
* Use window scale announced by client when sending the forged
syn to the backend, from Martin Topholm.
* Fix IPv6 address comparison in ebtables, from Luís Fernando
Cornachioni Estrozi.
* Fix wrong endianess in sequence adjustment which breaks helpers
in NAT configurations, from Phil Oester.
* Fix the error path handling of nft_compat, from me.
* Make sure the global conntrack counter is decremented after the
object has been released, also from me.
You can pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master
Thanks!
----------------------------------------------------------------
The following changes since commit 42a2d923cc349583ebf6fdd52a7d35e1c2f7e6bd:
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next (2013-11-13 17:40:34 +0900)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master
for you to fetch changes up to acab78b99633f12aa2b697474562e19c5718a1ca:
netfilter: ebt_ip6: fix source and destination matching (2013-11-19 15:33:29 +0100)
----------------------------------------------------------------
Luís Fernando Cornachioni Estrozi (1):
netfilter: ebt_ip6: fix source and destination matching
Martin Topholm (2):
netfilter: synproxy: send mss option to backend
netfilter: synproxy: correct wscale option passing
Pablo Neira Ayuso (2):
netfilter: nft_compat: fix error path in nft_parse_compat()
netfilter: nf_conntrack: decrement global counter after object release
Phil Oester (1):
netfilter: fix wrong byte order in nf_ct_seqadj_set internal information
Randy Dunlap (1):
netfilter: fix connlimit Kconfig prompt string
net/bridge/netfilter/ebt_ip6.c | 8 +++++---
net/ipv4/netfilter/ipt_SYNPROXY.c | 1 +
net/ipv6/netfilter/ip6t_SYNPROXY.c | 1 +
net/netfilter/Kconfig | 2 +-
net/netfilter/nf_conntrack_core.c | 3 ++-
net/netfilter/nf_conntrack_seqadj.c | 4 ++--
net/netfilter/nf_synproxy_core.c | 7 ++++---
net/netfilter/nft_compat.c | 19 +++++++++++++------
8 files changed, 29 insertions(+), 16 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
